SQL Injections showcase

This is my winning solution for a faculty SQL Injection contest I participated in 2021.

The main challenge was to find inventive and playful ways to exploit database connected applications that are vulnerable to this kind of attack.

Therefore, I used two applications: one that was entirely coded by me, and the other being a vulnerable webservice hosted on a Linux server. It was fun ( ͡° ͜ʖ ͡°) .

Below is the complete description of the exploitation process / write-up.

DB schema

The Github repo for this solution can be found here.

The above PDF and video demo can be found here.